aws_one_click_staging 0.0.6 → 0.0.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9f71fa64a4b604a12dc314c4642ff3afb2d010fe
-  data.tar.gz: bd848bdb29d799c1f1a2cb30d53b315115431789
+  metadata.gz: a9e972947656fc8ccaf30c1cd6d5cf6355d8baca
+  data.tar.gz: 5b29ee1a07385d35aa42a19d4374099cda86d857
 SHA512:
-  metadata.gz: 10b293e91ca0ea581c680e246503cfbdeebdde0cb8e456255cced315f7142806123854867af5371a1643778ffd94b1e75caa6567d2fed6df124bdde2b0f31b04
-  data.tar.gz: 9b7f6ff8f14df55133404d8ff9c9c61e3136f5f7f6034d25087067d197c8e799de3cd366206d2a418acb504d49e346b05d724a719d2c15325a9a8ada06a7e1db
+  metadata.gz: 61032bae2a85ea76f27fa846135cff4e249f427a4a2afddcc25b0987f3e896a7ecd6bc60dac1bca4c087c40fb8ca69559b7d82a1a4c840101868e537a3e396e0
+  data.tar.gz: f45ffeb216713fbc204471459e71125b0e3a9f2a4ba73b31cbc52d9f0f95b9959fca9df66822f131e8c0f60fc5da1b37c460fad8afd6b996e518389779b3c9bf

data/README.md

@@ -40,11 +40,132 @@ aws_one_click_staging stage
 
 After a while, the operation will complete and it will say 'congrats' or something and output the RDS url and bucket name for the staging clone.  Plug those values into your staging server and you should be good to go.  
 
+## AWS Permissions
+
+Because you're a professional, you want to grant only the permissions absolutely necessary to the 'staging-bot' user.  
+That's commendable.  Use the below scripts and replace `PRODUCTIONDB` with the name of your production database/ s3 bucket (hopefully you used the same name for both).
+
+(staging-bot-rds-can-do-anything-to-staging-db)
+```
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1448499769000",
+            "Effect": "Allow",
+            "Action": [
+                "rds:*"
+            ],
+            "Resource": [
+                "arn:aws:rds:*:*:db:PRODUCTIONDB-staging"
+            ]
+        }
+    ]
+}
+```
+(staging-bot-rds-can-do-anything-to-staging-snapshot)
+```
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1448518052000",
+            "Effect": "Allow",
+            "Action": [
+                "rds:*"
+            ],
+            "Resource": [
+                "arn:aws:rds:*:*:snapshot:PRODUCTIONDB-snapshot-for-staging"
+            ]
+        }
+    ]
+}
+```
+(staging-bot-rds-can-snapshot-production-db)
+```
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1448517746000",
+            "Effect": "Allow",
+            "Action": [
+                "rds:CreateDBSnapshot"
+            ],
+            "Resource": [
+                "arn:aws:rds:*:*:db:PRODUCTIONDB"
+            ]
+        }
+    ]
+}
+```
+(staging-bot-s3-can-do-anything-to-staging-bucket)
+```
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1448518841000",
+            "Effect": "Allow",
+            "Action": [
+                "s3:*"
+            ],
+            "Resource": [
+                "arn:aws:s3:::PRODUCTIONDB-staging",
+                "arn:aws:s3:::PRODUCTIONDB-staging/*"
+            ]
+        }
+    ]
+}
+```
+(staging-bot-s3-can-read-from-production-bucket)
+```
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1448523618000",
+            "Effect": "Allow",
+            "Action": [
+                "s3:GetBucketAcl",
+                "s3:GetBucketCORS",
+                "s3:GetBucketLocation",
+                "s3:GetBucketLogging",
+                "s3:GetBucketNotification",
+                "s3:GetBucketPolicy",
+                "s3:GetBucketRequestPayment",
+                "s3:GetBucketTagging",
+                "s3:GetBucketVersioning",
+                "s3:GetBucketWebsite",
+                "s3:GetLifecycleConfiguration",
+                "s3:GetObject",
+                "s3:GetObjectAcl",
+                "s3:GetObjectTorrent",
+                "s3:GetObjectVersion",
+                "s3:GetObjectVersionAcl",
+                "s3:GetObjectVersionTorrent",
+                "s3:ListAllMyBuckets",
+                "s3:ListBucket",
+                "s3:ListBucketMultipartUploads",
+                "s3:ListBucketVersions",
+                "s3:ListMultipartUploadParts"
+            ],
+            "Resource": [
+                "arn:aws:s3:::PRODUCTIONDB"
+            ]
+        }
+    ]
+}
+```
+
 
 ## Development
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release` to create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+There's a couple unit tests with commented out method calls.  This was how I tested against amazon, simply uncomment a line, drop in a `binding.pry;exit!` and test/ debug what ever methods you think are messing up.  
+
+
 ## Contributing
 
 1. Fork it ( https://github.com/[my-github-username]/aws_one_click_staging/fork )

data/lib/aws_one_click_staging/aws_warrior.rb

@@ -17,8 +17,6 @@ module AwsOneClickStaging
     def clone_rds
       setup_aws_credentials
 
-
-
       @c = Aws::RDS::Client.new
 
       delete_snapshot_for_staging!
@@ -26,6 +24,7 @@ module AwsOneClickStaging
 
       delete_staging_db_instance!
       spawn_new_staging_db_instance!
+      print_staging_db_uri
     end
 
     def clone_s3_bucket
@@ -39,7 +38,7 @@ module AwsOneClickStaging
         bucket: @aws_staging_bucket}
 
       bs = BucketSyncService.new(from_creds, to_creds)
-
+      #bs.debug = true
       bs.perform
     end
 
@@ -67,7 +66,7 @@ module AwsOneClickStaging
       puts "deleting old staging db snapshot"
       response = @c.delete_db_snapshot(db_snapshot_identifier: @db_snapshot_id)
 
-      sleep 1 while response.percent_progress != 100
+      sleep 1 while response.db_snapshot.percent_progress != 100
       true
     rescue
       false
@@ -86,9 +85,10 @@ module AwsOneClickStaging
 
 
     def delete_staging_db_instance!
-      response = @c.delete_db_instance(db_instance_identifier: @db_instance_id_staging)
+      response = @c.delete_db_instance(db_instance_identifier: @db_instance_id_staging,
+        skip_final_snapshot: true)
 
-      sleep 2 while response.percent_progress != 100
+      sleep 10 until db_instance_is_deleted?(@db_instance_id_staging)
     rescue
       false
     end
@@ -101,7 +101,7 @@ module AwsOneClickStaging
         master_user_password: @master_user_password,
         allocated_storage: "10")
 
-      sleep 10 while get_fresh_db_instance_state.db_instance_status != "available"
+      sleep 10 while get_fresh_db_instance_state(@db_instance_id_staging).db_instance_status != "available"
     end
 
 
@@ -110,8 +110,26 @@ module AwsOneClickStaging
       @c.describe_db_snapshots(db_snapshot_identifier: @db_snapshot_id).db_snapshots.first
     end
 
-    def get_fresh_db_instance_state
-      @c.describe_db_instances(db_instance_identifier: @db_instance_id_staging).db_instances.first
+    def get_fresh_db_instance_state(db_instance_id)
+      @c.describe_db_instances(db_instance_identifier: db_instance_id).db_instances.first
+    end
+
+    def db_instance_is_deleted?(db_instance_id)
+      @c.describe_db_instances(db_instance_identifier: db_instance_id).db_instances.first
+      false
+    rescue Aws::RDS::Errors::DBInstanceNotFound => e
+      true
+    end
+
+    def print_staging_db_uri
+      l = 65
+      msg = ""
+      msg += "*" * l + "\n"
+      msg += "* "
+      msg += get_fresh_db_instance_state(@db_instance_id_staging).endpoint.address
+      msg += "  *\n"
+      msg += "*" * l
+      puts msg
     end
 
 

data/lib/aws_one_click_staging/version.rb

@@ -1,3 +1,3 @@
 module AwsOneClickStaging
-  VERSION = "0.0.6"
+  VERSION = "0.0.7"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws_one_click_staging
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.0.7
 platform: ruby
 authors:
 - TheNotary